Electronic commerce and the Internet are changing the way information about consumers is gathered and used. Unfortunately, most of the changes have resulted in the reduction of consumer privacy. The ease of processing, obtaining and transmitting information has made easier both trading in data as well as collating information from different sources. Information about individuals is often collected and sold without their knowledge or consent. As a result, there is an increasing awareness among consumers about privacy violations, and, with it, an increasing resistance to sharing one's personal information.
In response to federal privacy guidelines, vendors have implemented privacy management systems to manage and protect customer information. Typically, a customer, when purchasing a good on credit or subscribing to a service, is presented with the vendor's privacy policy. These policies detail the extent to which the vendor will protect customer information. In some instances, the policies may be no dissemination of that information, limited dissemination to business partners, or notice that some information may be sold or otherwise provided to third parties. By purchasing the good or subscribing to the service, the customer agrees to the terms of the privacy policy. The customer's only bargaining power with respect to these privacy policies is complete acceptance of the terms by purchasing the good or service or rejection by not purchasing the good or service, a “take it or leave it” proposition. Moreover, because these agreements are entered into on the front end of a purchase of goods or subscription of service and are not later modified, the privacy agreement does not change thereafter. For this reason, the privacy policy must be general, even vague, as to whom the customer's information may be provided in the future. In best-case scenarios, customers may be presented with opt-in or opt-out clauses whereby they agree, or do not agree, to dissemination of their personal information. These clauses too are general and often apply across the board, meaning the customer has no flexibility in deciding to whom their information is provided and to whom it is not. They simply choose to allow dissemination to third parties of the vendor's choosing, or not. In the event a customer chooses to permit sharing of his personal information, he risks being bombarded by volumes of unwanted spam, a possibility that causes many customers to share no personal information at all.